[Samba] samba with customized ldap backend

mathias dufresne infractory at gmail.com
Wed Oct 12 10:23:05 UTC 2016 

2016-10-12 11:56 GMT+02:00 Arun Gupta <arung at cdac.in>:

>
> Sir,
>
>
>  No AD, that's some NT4 domain.
> Yes, it has no AD
>
> - No Winbind because Winbind is using samacccountname as user login and
> not UID.
> --> Not configured
>
> - Issue happens on Linux or UNIX clients.
>>
> On both client
>
>
> I am using sssd and pam_ldap for user retrival and modified
> pam_login_attribute (pam_ldap.conf file) to username instead of uid (by
> default value) so I am very well able to authenticate with many services
> like ssh, smtp auth etc but in sabma case it is trying to contact
> uid='numeric value' instead of username=test1.
>

Please develop what you meant when you wrote "in sabma case it is trying to
contact uid='numeric value' instead of username=test1."


>
> I think somewhere in configuration, we may define username attribute
> instead of uid which is samba configured.
>
> Regards,
> Arun
>
>
>
>
>
> On Wed, 12 Oct 2016, mathias dufresne wrote:
>
> I have to assume much, I'll try. So...
>> - No AD, that's some NT4 domain.
>> - No Winbind because Winbind is using samacccountname as user login and
>> not UID.
>> - Issue happens on Linux or UNIX clients.
>>
>>
>> The question is what tool (SSSD, pam_ldap / nss_ldap, nslcd...) are you
>> using to retrieve information from LDAP to forge users on system side.
>>
>> Once you get an answer to this previous question check how to configure
>> that tool to tell it that uid is uid and login. Most of them can do that.
>>
>> 2016-10-12 7:30 GMT+02:00 Arun Gupta via samba <samba at lists.samba.org>:
>>       Sir,
>>
>>       Please help me out
>>
>>       Regards,
>>       Arun
>>
>>       On Tue, 4 Oct 2016, Arun Gupta wrote:
>>
>>             Dear All,
>>
>>             I have configured ldap with uid='some numeric' instead of
>> uid=username
>>
>>             like that;
>>
>>             dn: uid=102220,ou=User,dc=example,dc=com
>>             uid: 102220
>>             username: test1
>>             cn: Test Account
>>             objectClass: inetOrgPerson
>>             objectClass: posixAccount
>>             objectClass: top
>>             objectClass: shadowAccount
>>             objectClass: sambaSamAccount
>>             mail: test1 at cdac.in
>>             shadowLastChange: 15587
>>             loginShell: /bin/bash
>>             uidNumber: 5345
>>             gidNumber: 5345
>>             homeDirectory: /home/test1
>>             userPassword: {SSHA256}v7vlA8YYjJ27IbPQQa8eaChdHFcnw==
>>             sambaPwdLastSet: 1473165911
>>             sambaLMPassword: 7e58f6a33f8b3ef68ef354180a3a1da7
>>             sambaSID: S-1-5-21-4079184197-2446238136-3299756537-1008
>>             sambaAcctFlags: [UX         ]
>>             sambaNTPassword: 0242A7FEC5CD294F916925766089E573
>>
>>
>>             when I configured samba with ldap backend then samba is not
>> able to get user information (because samba always search attribute
>>             uid=numeric), but when I replace uid=username (uid=test1
>> instead of uid=102220) it works and authenticate successful.
>>
>>             As I have 3000+ users in ldap and it is not possible to
>> change to all user settings, request to you kindly give me some clue to
>> find out
>>             the solution, I will highly obliged for the same.
>>
>>
>>
>>
>> ------------------------------------------------------------
>> -------------------------------------------------------------------
>> [ C-DAC is on Social-Media too. Kindly follow us at:
>> Facebook: https://www.facebook.com/CDACINDIA & Twitter: @cdacindia ]
>>
>> This e-mail is for the sole use of the intended recipient(s) and may
>> contain confidential and privileged information. If you are not the
>> intended recipient, please contact the sender by reply e-mail and destroy
>> all copies and the original message. Any unauthorized review, use,
>> disclosure, dissemination, forwarding, printing or copying of this email
>> is strictly prohibited and appropriate legal action will be taken.
>> ------------------------------------------------------------
>> -------------------------------------------------------------------
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>
>>
>>
>>
> --
>
> Thanks & Regards,
>
> Arun Kumar Gupta
> Mail Administrator
> HPC Infrastructure and Ecosystem Group
> Centre for Development of Advanced Computing
> Savitribai Phule Pune University Campus
> PUNE-Maharastra
> Phone : +91-20-25704347
> WEB   : http://www.cdac.in/
>
>
> ------------------------------------------------------------
> -------------------------------------------------------------------
> [ C-DAC is on Social-Media too. Kindly follow us at:
> Facebook: https://www.facebook.com/CDACINDIA & Twitter: @cdacindia ]
>
> This e-mail is for the sole use of the intended recipient(s) and may
> contain confidential and privileged information. If you are not the
> intended recipient, please contact the sender by reply e-mail and destroy
> all copies and the original message. Any unauthorized review, use,
> disclosure, dissemination, forwarding, printing or copying of this email
> is strictly prohibited and appropriate legal action will be taken.
> ------------------------------------------------------------
> -------------------------------------------------------------------
>
>

More information about the samba mailing list